Key Updates
Removal of bash based client
hamlet started life as a collection of bash scripts with the freemarker template engine handling creating files. Over the years we've evolved the bash scripts into a cli that does still call some of these bash scripts but the main interface has been the cli for a little while now. In this release we have removed the bash scripts that aren't being used by the cli as well as the shim engine in the CLI which allowed you to access the bash scripts directly while still being able to use the engines we have in hamlet.
This shouldn't have an impact on most users of hamlet as most people found the cli the way to go for understanding how to get things going.
Along with that some of the commands in the cli which directly mapped to cli calls have also been removed as they have been replaced by other processes, mostly with the introduction of runbooks.
The following command groups have been removed:
-
hamlet release - Has now been replaced with run books
hamlet release upload-image
is now available as a run book. For the aws provider
hamlet task run-runbook -n management-image_push-runbook -- Tier=app Component=myservice Reference=abc123 DockerImage=myimage:latest
Will now push a local docker image tag up to the hamlet registry and update the image reference based on the occurrence details provided
hamlet release update-build-reference
This is completed as part of the runbook above but if you need to manually change the reference when you don't have an image as well
hamlet task run-book -n management-image_set_reference-runbook -- Tier=app Component=myservice Reference=def456
hamlet release transfer-image
The transfer process has now been removed. Instead we have added a pull image command which you can use to pull an image locally then push back to another registry
hamlet task run-runbook -n management-image_pull-runbook -- Tier=app Component=myservice
Will pull down the image and provide you with details of the image that you can use to perform a push
-
hamlet manage - Has now been replaced with runbooks and the hamlet deploy commands
hamlet manage stack hamlet manage deployment
have been replaced with the hamlet deploy run-deployments command
hamlet manage crypto hamlet manage file-crypto hamlet manage credential-crypto
Have all been replaced with the encrypt and decrypt runbooks
hamlet task run-runbook -n management-kms_encrypt-runbook -- Value=mysecret hamlet task run-runbook -n management-kms_decrypt-runbook -- Value=bXlzZWNyZXQK
The value section will support multiline strings so you can cat a file into the value section and it will look after that for you
Changes
- remove legacy bash scripts (#370)
- legacy bash approach removal
Datapipeline component removal
The datapipeline component has now been removed. This was added to support the AWS Data Pipeline service which isn't really used anymore in favour of services like Step Functions. This was only available for AWS
Changes
- (datapipeline): remove support for AWS data pipeline
- remove datapipeline script support (#324)
- remove datapipeline support (#1984)
Overall Updates
Engine
New Features
- (waf): add support for waf on userpools
- (user): add user name control
- (user): source IP filtering
- (lb): client IP control (#2119)
- (vpcendpoint): policy support (#2117)
- (apigateway): private APIs (#2115)
- (mta): add stop after match action
Fixes
- missing waf userpool attrs (#2125)
- (userpool): add waf section that was lost (#2124)
- don't list disabled suboccurrences (#2118)
Refactorings
- (backups): default priority (#2123)
AWS
New Features
- (waf): enable waf and add challenges (#784)
- (user): name format handling
- (vpcendpoint): source vpc endpoint extension (#777)
- (user): source IP filtering
- SQS and SNS endpoint policies (#775)
- (ec2): lb fixed target mapping (#774)
- (lb): client IP control (#773)
- (iam): extend use of the large policy setup
- (vpcendpoint): policy support (#764)
- (apigateway): private APIs (#762)
- (mta): stop after match
Fixes
- (firewall): add both log destinations for all
- (datafeed): support subset passes (#782)
- (ecs): round max memory when calculated
- (gateway): route table collection
- add note for migration
- ec2 sec groups and ecs ids
- (gateway): duplicate route table ids (#770)
- (gateway): duplicate route table ids (#769)
- (account): disable cloudtrail by default
- (objectsql): permissions state details
- docker image tag extension (#765)
- (cdn): extraneous resources in lg pass (#761)
Refactorings
- (datafeed): check for undeployed lambda (#781)
- (datafeed): undeployed lambda functions (#778)
- remove use of component ids
Azure
Fixes
- (ci): update to latest shared workflows (#313)
- (computecluster): bootstraps lookup from global
- remove use of getRegistryPrefix and EndPoint (#310)
Refactorings
- replace reference lookups with function
- standardise github workflows (#309)
CLI
Fixes
- path to the sh script for set_provider_credentails task